CVE-2019-6188

3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.6%

top 29.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lenovo Thinkpad T460p Lenovo Thinkpad T470p Lenovo Thinkpad Helix Firmware +9 more

Timeline

PublishedNov 12

Latest updateMay 24

Description

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages12 packages

▶CVEListV5lenovo/thinkpad_t460punspecified — R07ET90W

▶CVEListV5lenovo/thinkpad_t470punspecified — R0FET50W

▶NVDlenovo/thinkpad_s531_firmware< gket46ww

▶NVDlenovo/thinkpad_t440_firmware< gjeta3ww

▶NVDlenovo/thinkpad_w540_firmware< gnet92ww

🔴Vulnerability Details

GHSA

GHSA-8v57-95f4-cp8w: The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W,↗2022-05-24

▶

CVEList

ThinkPad T460p and T470p BIOS Tamper Mechanism↗2019-11-12

▶